GDPR, IP addresses, and classification – theory and practice
IP addresses can determine jurisdiction - as classically exploited by private and public surveillance agencies, BigTech, other data brokers, and just about any web site owner. This is well known. As is the fact that such tracking information is key to everyone's commercial efforts to destroy net neutrality and undermine the web. But what does this mean for GDPR compliance? Can it be exploited for classifying individuals' jurisdiction? Should it? What are the pros and cons? Theory (law) I note in passing...